search for: tlsciphersuit

Displaying 20 results from an estimated 41 matches for "tlsciphersuit".

Did you mean: tlsciphersuite
2017 Mar 18
2
Dovecot can't connect to openldap over starttls
The serverlog of openldap with loglevel "any": https://gwarband.de/openldap/openldap-connect.log Note: openldap waits 1 Minute before he says "TLS negotiation failure" after the connect. and dovecot says direct "Connect error" I've also delete the TLSCipherSuite from openldap. Tobias Am 2017-03-18 14:01, schrieb Tomas Habarta: > Increase log level on server side as well to see what the server > says... > You may remove anything in TLSCipherSuite for the purpose of testing > too. > > Hopefully anyone knowing OpenLDAP internals could...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
I have also tested with 2.2.28 and this version has the same issue. The finding of compatible ciphers is not the problem because I have uncommented the ldap entrys: TLSCipherSuite SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM TLSProtocolMin 3.1 Maybe you have further ideas. Am 2017-03-20 17:42, schrieb Aki Tuomi: >> On March 20, 2017 at 5:28 PM info at gwarband.de wrote: >> >> >> Can sombody say something...
2007 Mar 05
1
LDAP + SSL
Hi everybody I have setting my ldap server. But I created an certificate with the following command: cd /usr/share/ssl/certs; make ldap.pem Then edit slapd.conf file a insert the following lines: TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /usr/share/ssl/certs/ldap.pem TLSCertificateFile /usr/share/ssl/certs/ldap.pem TLSCertificateKeyFile /usr/share/ssl/certs/ldap.pem I restart the service. Then, I run the comando authconfig and I select ldap with tls. I review the logs ldap server a thrown th...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls
...ny": >> https://gwarband.de/openldap/openldap-connect.log >> Note: openldap waits 1 Minute before he says "TLS negotiation >> failure" >> after the connect. >> and dovecot says direct "Connect error" >> >> I've also delete the TLSCipherSuite from openldap. >> >> Tobias >> >> Am 2017-03-18 14:01, schrieb Tomas Habarta: >>> Increase log level on server side as well to see what the server >>> says... >>> You may remove anything in TLSCipherSuite for the purpose of testing >>&gt...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...t; >> On March 20, 2017 at 8:14 PM info at gwarband.de wrote: >> >> >> I have also tested with 2.2.28 and this version has the same issue. >> >> The finding of compatible ciphers is not the problem because I have >> uncommented the ldap entrys: >> TLSCipherSuite >> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM >> TLSProtocolMin 3.1 >> >> Maybe you have further ideas. >> >> Am 2017-03-20 17:42, schrieb Aki Tuomi: >>>> On March 20, 2017 at 5:28 PM info at gwarband.de wrote: &g...
2006 Oct 09
1
SAMBA + LDAP + TLS
...problem is that I coudl not make it work, here I what I've done. This is what netstat shows. tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:389 127.0.0.1:1873 ESTABLISHED tcp 0 0 :::389 :::* LISTEN tcp 0 0 :::636 :::* LISTEN in slapd.conf i have TLSCipherSuite HIGH:MEDIUM:+SSLv3 TLSCertificateFile /usr/local/etc/openldap/ssl/server.crt TLSCertificateKeyFile /usr/local/etc/openldap/ssl/server.key VerifyClient demand I created the certificate like this: openssl genrsa 2048 -out > server.key openssl req -new -key server.key -out server.csr openssl req...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls
...of openldap with loglevel "any": > https://gwarband.de/openldap/openldap-connect.log > Note: openldap waits 1 Minute before he says "TLS negotiation failure" > after the connect. > and dovecot says direct "Connect error" > > I've also delete the TLSCipherSuite from openldap. > > Tobias > > Am 2017-03-18 14:01, schrieb Tomas Habarta: >> Increase log level on server side as well to see what the server says... >> You may remove anything in TLSCipherSuite for the purpose of testing too. >> >> Hopefully anyone knowing Op...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...nd.de wrote: >>>> >>>> >>>> I have also tested with 2.2.28 and this version has the same issue. >>>> >>>> The finding of compatible ciphers is not the problem because I have >>>> uncommented the ldap entrys: >>>> TLSCipherSuite >>>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM >>>> TLSProtocolMin 3.1 >>>> >>>> Maybe you have further ideas. >>>> >>>> Am 2017-03-20 17:42, schrieb Aki Tuomi: >>>>>> On...
2017 Mar 18
2
Dovecot can't connect to openldap over starttls
I've replicate the settings from ldapsearch to dovecot but no success. To the certificate: Yes it's a *.crt file but I have linked the *.pem file to it and dovecot has read access to that file. I have enabled the debugging in dovecot and have uploaded the output: https://gwarband.de/openldap/dovecot-connect.log And the other site with ldapsearch:
2017 Mar 20
0
Dovecot can't connect to openldap over starttls
...;>> https://gwarband.de/openldap/openldap-connect.log >>> Note: openldap waits 1 Minute before he says "TLS negotiation failure" >>> after the connect. >>> and dovecot says direct "Connect error" >>> >>> I've also delete the TLSCipherSuite from openldap. >>> >>> Tobias >>> >>> Am 2017-03-18 14:01, schrieb Tomas Habarta: >>>> Increase log level on server side as well to see what the server >>>> says... >>>> You may remove anything in TLSCipherSuite for the purpos...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...complete, can you try again? Aki > On March 20, 2017 at 8:14 PM info at gwarband.de wrote: > > > I have also tested with 2.2.28 and this version has the same issue. > > The finding of compatible ciphers is not the problem because I have > uncommented the ldap entrys: > TLSCipherSuite > SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM > TLSProtocolMin 3.1 > > Maybe you have further ideas. > > Am 2017-03-20 17:42, schrieb Aki Tuomi: > >> On March 20, 2017 at 5:28 PM info at gwarband.de wrote: > >> >...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...:14 PM info at gwarband.de wrote: > >> > >> > >> I have also tested with 2.2.28 and this version has the same issue. > >> > >> The finding of compatible ciphers is not the problem because I have > >> uncommented the ldap entrys: > >> TLSCipherSuite > >> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM > >> TLSProtocolMin 3.1 > >> > >> Maybe you have further ideas. > >> > >> Am 2017-03-20 17:42, schrieb Aki Tuomi: > >>>> On March 20, 2017 at 5:...
2003 Feb 18
1
problems with ldap tls
...ldap ssl = no working thanx Here my smb.conf: ldap server = localhost #ldap port = 389 ldap port = 636 ldap suffix = o=zolnott,dc=de ldap admin dn = uid=ldaproot,o=zolnott,dc=de ldap filter = (&(uid=%u)(objectclass=sambaAccount)) ldap ssl = start_tls Here my slapd.conf: TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA TLSCertificateFile /etc/openldap/www.zolnott.de-ldap-crt.pem TLSCertificateKeyFile /etc/openldap/www.zolnott.de-ldap-key-nopw.pem Here my log.smbd: [2003/02/18 01:40:12, 0] passdb/pdb_ldap.c:ldap_open_connection(182) Failed to issue the StartTLS instruction: Can't co...
2008 Apr 01
2
openldap on Centos 5.1 with TLS
Hi, sorry for the stupid question, but however i am following all howtos and tutorials it is not working 1) i have created CA certificate - /etc/pki/tls/misc/CA -newca 2) i have generated a new request - /etc/pki/tls/misc/CA -newreq 3) i have signed certificate /etc/pki/tls/misc/CA -signreq SO i have CA in /etc/pki/CA i have newkey.pem i have newcert.pem i have also cealrkey.pem (without
2017 Mar 21
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...>> >>>>> >>>>> I have also tested with 2.2.28 and this version has the same issue. >>>>> >>>>> The finding of compatible ciphers is not the problem because I have >>>>> uncommented the ldap entrys: >>>>> TLSCipherSuite >>>>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM >>>>> TLSProtocolMin 3.1 >>>>> >>>>> Maybe you have further ideas. >>>>> >>>>> Am 2017-03-20 17:42, schrieb Aki Tuomi: >&...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Can sombody say something about this request? This is an email from the openldap-technical mailinglist from openldap. Systemdetails are mention in the other email. -------- Originalnachricht -------- Betreff: Re: Dovecot can't connect to openldap over starttls Datum: 2017-03-20 16:18 Absender: Dan White <dwhite at cafedemocracy.org> Empf?nger: info at gwarband.de Kopie:
2010 Nov 25
1
can't use godaddy SSL cert
...3 Open source LDAP client implementation with SASL2 support openldap-sasl-server-2.4.23 Open source LDAP server implementation I have setup the certificate chain in my slapd.conf like so: [root at LBSD2:/usr/home/bluethundr]#grep -i tls /usr/local/etc/openldap/slapd.conf## TLS options for slapd TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCertificateFile /usr/local/etc/openldap/cacerts/LBSD2.summitnjhome.com.crt TLSCertificateKeyFile /usr/local/etc/openldap/cacerts/slapd.pem TLSCACertificateFile /usr/local/etc/openldap/cacerts/sf_issuing.crt I have tried each of the following certs with no luck in getting m...
2017 Mar 18
0
Dovecot can't connect to openldap over starttls
Increase log level on server side as well to see what the server says... You may remove anything in TLSCipherSuite for the purpose of testing too. Hopefully anyone knowing OpenLDAP internals could help you analyse it more deeply. Tomas On 03/18/2017 01:31 PM, info at gwarband.de wrote: > I've replicate the settings from ldapsearch to dovecot but no success. > To the certificate: > Yes it's...
2004 Jun 11
2
Samba 3.0.3 on FC2: windows machine cannot join domain
.../openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema allow bind_v2 passwd-hash {SSHA] pidfile /var/run/slapd.pid TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /var/ssl/cacert.pem TLSCertificateFile /var/ssl/ldapcrt.pem TLSCertificateKeyFile /var/ssl/ldapkey.pem TLSVerifyClient 0 security ssf=1 update_ssf=112 simple_bind=64 access to dn=".*,dc=soil,dc=ncsu,dc=edu" attr=userPassword by dn="c...
2009 Feb 18
1
samba can not contact the ldap server
...ateKeyFile /etc/ssl/ldapkey.pem # privater Schluessel # equivalent to TLS_CERT TLSCACertificateFile /etc/ssl/demoCA/cacert.pem # Certificate Authority # this is equivalent to TLS_REQCERT #TLSVerifyClient allow #TLSVerifyClient try #TLSVerifyClient demand #Verfahrensweise TLSCipherSuite HIGH:MEDIUM:+SSLv2 ####################################################################### # BDB database definitions ####################################################################### database bdb suffix "dc=redcor,dc=ch" checkpoint 1024 5 cachesize 10000 ro...